GNSS Security Engineer (3 profiles)

Vacancy details

Temporary Agent GSA/2019/573
AD7 Prague / Czech Republic
20.08.2019 11:59 AM (GMT+2) 10.09.2019 11:59 AM
5 yes
As soon as possible 31.12.2020
Security Head of Department or Team Leader
SECRET UE / EU SECRET

[1] The place of employment is subject to changes in the interest of the service and always under due consideration of the Staff Member’s interests.

[2] Possibility of renewal for a fixed period and a further renewal for an indefinite period on the conditions set out in the Staff Regulations and in the Conditions of Employment for Other Servants

[3] The organisational department and the hierarchical reporting line may change in line with the developments of the GSA and department’s organisation.

[4] The successful candidate must hold a valid personnel security clearance at the above defined EU level or be able and willing to apply for a security clearance immediately after the contract award. The procedure for obtaining a personnel security clearance shall be initiated on request of the employer only, and not by the individual candidate.

1. THE GSA AND THE SECURITY DEPARTMENT

The European GNSS Agency (GSA) is responsible for the operations and service provision for the European Global Navigation Satellite Systems (GNSS) EGNOS and Galileo. By developing a new generation of GNSS, Europe is laying the foundation for new high-technology industry development, leading to job creation and economic growth. These European flagship space programmes, which embody what can be achieved when Europe works together, are already bringing real benefits to people and business in Europe and around the world.  The European GNSS infrastructure includes approximately worldwide 30 sites for Galileo and 50 sites for EGNOS.

The GSA’s core mission is to ensure that European citizens get the most out of Europe’s satellite navigation programmes. The Agency does this by:

  • Designing and enabling services that fully respond to user needs, while continuously improving the European GNSS services and infrastructure
  • Managing the provision of services that ensure user satisfaction in the most cost efficient manner
  • Engaging market stakeholders to develop innovative and effective applications, value-added services and user technology that promote the achievement of full European GNSS adoption
  • Ensuring that European GNSS services and operations are thoroughly secure, safe and accessible

The GSA is operated and supported by a multicultural team of professionals with interdisciplinary expertise working to ensure that the end-user is kept at the centre of Galileo and EGNOS.

For more information on the GSA and the European satellite navigation programmes, click here.

The Security Department proactively contributes to the fulfilment of GSA missions by providing the security expertise in order to (1) achieve successful security accreditation of the systems, (2) secure programmes’ implementation and exploitation and (3) ensure a wide, secure and sustainable use of the Public Regulated Service (PRS).

The following high level objectives are set for the Security Department:

  • Implement and safeguard the high level security objectives of the Galileo and EGNOS programmes
  • Prepare the security accreditation of Galileo and/or EGNOS sites and infrastructures
  • Manage security processes, monitor and enforce programmes’ security requirements
  • Ensure that the PRS development continuously achieve user needs, promote a wide and secure use of PRS and ensure compliance with the PRS Decision 1104/2011
  • Inculcate a security culture within the GSA and continuously improve the image of the GSA, as a reliable security actor

2. TASKS AND RESPONSIBILITIES

The Security Department is looking to recruit Security Engineers with the following three profiles:

  1. GNSS Cyber Security Engineer
  2. GNSS Site Security Engineer
  3. GNSS Service Security Engineer

reporting to the Head of the Security Department or one of the Security Department Team Leaders.

When applying, please clearly indicate for which profile(s) you apply in section 7. Motivation letter.

  1. GNSS Cyber Security Engineer

The GNSS Cyber Security Engineer will have the following non-exhaustive list of tasks:

  • Manage the GSA cyber implementation plan
  • Organise GSA cybersecurity panels, participate to the Galileo Programme Cyber Security Board
  • Develop procedures for the efficient processing of Galileo cybersecurity activities
  • Promote cyber-testing activities, participate to their selection, follow-up of results for the projects under his/her competence
  • Drive cyber vulnerability management for the projects under his/her competence, reviewing the implementation of the security requirements and the risk treatment plans
  • Support the GSA cyber awareness and training plan
  • Support the analysis, review and maintenance of the Galileo security requirements baseline for the Galileo programme and service milestones, in particular related to the activities under responsibilities of the GSA (e.g. the Galileo Service Operator (GSOp), Galileo Service Centre (GSC), Galileo Reference Centre (GRC) and other service facilities)
  • Support the evolution of the security requirements related to the development and implementation of EGNOS and/or Galileo services (including Open Service, Search and Rescue, Public Regulated Service)
  • Liaise with other GSA teams and provide security engineering support as needed
  • Contribute to the maintenance and update of the Statement of Compliance to the applicable security requirements in cooperation with the GSMC and ESA
  • Participate to Galileo technical reviews related to security aspects, in particular on cybersecurity
  • Contribute to the preparation of accreditation files and security risks analyses for the exploitation phases of Galileo and the associated risks treatment plans in cooperation with ESA, in particular on cybersecurity
  • Provide technical support to the Commission on the GNSS Security Board and associated working groups
  • Assist the Security Requirements and Standards Manager in the management of the contracts providing industrial security support to the team

The focus will be on Galileo, however it may entail activities on EGNOS or other Programmes due to synergies between the programmes. 

  1. GNSS Site Security Engineer

The GNSS Site Security Engineer will have the following non-exhaustive list of tasks:

  • Contribute to the end-to-end technical management of the services security of the Galileo and/or EGNOS programmes with a particular focus on Sites Security:
    • Definition and maintenance of the Programme security requirements baseline
    • Impact assessment of security requirements changes
    • Analysis, review and maintenance of security requirements and documentation related to relevant GSA procurements
    • Verification of the security requirements implementation (incl. on-site acceptance reviews)
  • Review local site management plans and local site operating procedures, local Secops and propose evolution as needed
  • Drive the security accreditation processes and files for EGNOS sites
  • Monitor the implementation of technical and operational measures to improve the posture of Galileo and/or EGNOS programmes against site related security risks
  • Follow Galileo and/or EGNOS sites infrastructure deployment/evolutions to ensure establishment/improvement of the security posture
  • Contribute to the security risk management process including security risks analyses for the exploitation phases and the associated risks treatment plans, notably with regard to sites
  • Support the European Commission in its responsibilities related to the security of the Galileo and EGNOS programmes, in particular for the GNSS Security Board and associated working groups
  • Participate to the EGNOS sites management boards, in interfacing with ESA and industry for the delivery and acceptance of site hosting services (GSA undertakings) and for the handling with ESA and/or the EGNOS Service Provider of site security events
  • Interact with Member States Local Security Accreditation Authorities (LSAA) in the frame of the Security Accreditation Process and of the Critical Infrastructure Management Process

The focus will be on EGNOS sites under deployment, however it may entail activities on Galileo due to synergies between the GNSS programmes and their sites.

It shall be noted that for successfully undertaking the activities, frequent missions to the GSA EGNOS office in Toulouse, France will be required, together with missions to elsewhere in Europe, North Africa and worldwide for site inspections and security accreditation related activities.

  1. GNSS Service Security Engineer

The GNSS Service Security Engineer will have the following non-exhaustive list of tasks:

  • PRS Service engineering activities (strategy, definition, evolutions, planning):
    • Support the definition of the PRS service evolution roadmap and associated implementation plan, in coordination with GSA departments, EC and ESA
    • Support the implementation of the PRS service evolution roadmap by defining the PRS service development, deployment and validation plan and supervising its execution
    • Manage PRS-specific engineering activities and requirements documentation under GSA responsibility
    • Review PRS security requirements related to the GSOP and GSMC activities; propose evolutions for the respective baselines
    • Prepare the PRS Service Definition Documents and other documents related to the exploitation baseline in support to the delivery of the PRS service
    • Support the engineering and change control boards within the Agency and the Galileo Programme with respect to PRS activities
    • Contribute to the implementation of the provisions in Decision 1104/2011 on the access to PRS
    • Prepare reports on PRS-related activities
    • Prepare accreditation files related to PRS service accreditation milestones
    • Support security engineering activities linked to other services
  • Support to the European Commission:
    • Contribute to the PRS service strategy, policy and international agreements in support to the European Commission and Member States
    • Provide technical and secretariat support to the Galileo Working Groups related to PRS activities
  • Support to Member States and PRS user communities:
    • Provide expertise for the coordination of Member States' actions on aspects related to the PRS
    • Contribute to the definition of Guidelines for the implementation of PRS management rules in the Member States in compliance with the Common Minimum Standards
    • Provide the technical support to the PRS participants CPAs

3. ELIGIBILITY CRITERIA

The selection procedure is open to applicants who satisfy the following eligibility criteria, on the closing date for application:

  1. A level of education which corresponds to completed university studies[5] attested by a diploma when the normal period of university education is four years or more
    OR
    A level of education which corresponds to completed university studies attested by a diploma and at least one year of appropriate professional experience when the normal period of university education is three years
  2. In addition to the above, appropriate professional experience[6] of at least six years after obtaining the required diploma
  3. Be a national of a Member State of the European Union
  4. Be entitled to his or her full rights as citizen
  5. Have fulfilled any obligations imposed by the applicable laws concerning military service
  6. Meet the character requirements for the duties involved[7]
  7. Have a thorough knowledge of one of the languages of the European Union[8] and a satisfactory knowledge of another language of the European Union to the extent necessary for the performance of his/her duties
  8. Be physically fit to perform the duties linked to the post[9]

[5] Only study titles that have been awarded in EU Member States or that are subject to the equivalence certificates issued by the authorities in the said Member States shall be taken into consideration.
[6] Only appropriate professional experience acquired after achieving the minimum qualification stated in point.1 shall be considered. Where additional periods of training and study are accompanied by periods of professional activity, only the latter shall be considered as professional experience. Compulsory military service or equivalent civilian service accomplished after achieving the minimum qualification stated in point.1 shall be taken into consideration. Internships will be taken into consideration, if they are paid. Professional activities pursued part-time shall be calculated pro rata, on the basis of the percentage of full-time hours worked. A given period may be counted only once.
[7] Prior to the appointment, the successful candidate will be asked to provide a Police certificate confirming the absence of any criminal record.
[8] The languages of the EU are: Bulgarian, Croatian, Czech, Danish, Dutch, English, Estonian, Finnish, French, Irish, German, Greek, Hungarian, Italian, Latvian, Lithuanian, Maltese, Polish, Portuguese, Romanian, Slovak, Slovene, Spanish, Swedish.
[9] Before a successful candidate can be appointed, s/he will be medically examined by a selected medical service so that the Agency will be satisfied that s/he fulfils the requirement of Article 28(e) of the Staff Regulation of Officials of the European Union.

4. SELECTION CRITERIA

All eligible applications, according to the afore-mentioned criteria, will be assessed against the requirements listed below. 

The Selection Board responsible for this selection will determine the criteria to be assessed in the various phases of the selection procedure (assessment of the application forms, interview and written test) prior to being granted access to the names of the applicants. All essential criteria will be assessed during the applications evaluation phase.

Non-compliance with any of the Essential criteria may result in the exclusion of the candidate from the selection process. Advantageous criteria constitute additional assets and will not result in exclusion, if not fulfilled.

When filling the online application, candidates are expected to include elements that demonstrate that their profile matches the requirements below.

Essential criteria

  1. University degree in the exact sciences (e.g. engineering, physics, mathematics, computer science, telecommunications, electronics etc.)
  2. Depending on the selected profile, experience in the field of information, network or physical security (e.g. secure design, operations, secure infrastructure, security risk management ) or security engineering
  3. Excellent command of both written and spoken English

Advantageous criteria

  1. Experience in handling classified material at or above SECRET UE/EU SECRET (or equivalent)
  2. Experience in cybersecurity
  3. Experience in system engineering, service engineering or service provision
  4. Experience in physical and organisational security
  5. Experience in a security accreditation or highly regulated domain (e.g. Maritime, Rail, Defence)
  6. Knowledge (by training or experience) of European GNSS 
  7. Knowledge (by training or experience) of relevant certifications standards (e.g. CISSP, GIAC, ISO 27000, ISACA)

Behavioural competences

  1. Motivation
  2. Excellent communication skills
  3. Working with others and customer service mindset
  4. Ability to work under pressure and prioritise

5. SELECTION PROCEDURE

The selection procedure includes the following steps:

  • Applications must be complete and successfully submitted via the e-recruitment tool within the deadline set for the vacancy notice.
  • For each selection procedure, the Appointing Authority of the Agency appoints a Selection Board. The Board’s deliberations are confidential and applicants are strictly forbidden to contact its members.
  • An automatic screening of all valid applications will be carried out by means of the e-recruitment tool in order to verify their compliance with the eligibility criteria. The eligibility screening will be verified and endorsed by the Selection Board responsible for the procedure.
  • All eligible applications will be then evaluated by the Board based on the selection criteria defined in this vacancy notice.
  • The candidates whose applications rank among the best-qualified in accordance with the selection criteria, may be contacted in order to verify (through an oral or written test) their studies, professional experience and/or other knowledge and competencies as indicated in their application. This contact would be an intermediate step in pre-selecting the most suitable candidates. It does not, however, entitle candidates to be invited for an interview.
  • The best-qualified candidates, those who obtained the highest scoring within the evaluation, will be short-listed for an interview and a written test. The minimum threshold is 65% of the total points.
  • Prior to the day of the interview candidates will be requested to send photocopies of all the supporting documents for their educational qualifications and employment necessary to prove that they meet the eligibility criteria. GSA has the right to disqualify applicants who fail to submit all the required documents.
  • During the interview, the Selection Board will examine each candidate’s profile and will assess their relevancy for this post. Shortlisted candidates will be also required to undergo a computer-based written test relevant to the job content (the minimum threshold for this test is 50% of the total points allocated for it).
  • Interviews and written test will be held in English, however knowledge of another EU languages may also be tested. Mother tongue English speakers will be expected to demonstrate their knowledge of a second EU language in line with Article 28(f) of the Staff Regulations.
  • All candidates short-listed for an interview may also be requested to complete an online Business Attitude Questionnaire.
  • As a result of the interviews, the Selection Board will recommend the most suitable candidate(s) for this post to be placed on a reserve list. The minimum threshold to be placed on the reserve list is 65% of the total points.
  • The best-ranked candidates will be invited for a final interview with the Appointing Authority. The interview will focus on the overall suitability of the candidate for the post covering motivation, relevant technical and behavioural competencies, in line with the selection criteria established in the vacancy notice.
  • The Appointing Authority will ultimately decide on the successful candidate to be appointed to the post.
  • The established reserve list may also be used for recruitment of similar posts depending on the Agency’s needs. Where a similar post becomes available, the Appointing Authority may select applicants from the list according to their profile in relation to the specific requirements of the post to be filled. However, inclusion on the reserve list does not guarantee employment.
  • The validity of the reserve list is indicated in the vacancy notice and its duration might be extended if deemed necessary.
  • Normally, the recruitment procedure can take up to 6 months from the date on which a position is first advertised to the final offer being made.
  • If, at any stage of the procedure, it is established that any of the information the candidate has provided is incorrect, the candidate in question will be disqualified.

Indicative date for the interview and written test: September. The date might be modified depending on the availability of the Selection Board members.

Candidates are strictly forbidden to make any contact with the Selection Board members, either directly or indirectly. Any infringement of this rule will lead to disqualification from the selection procedure.

6. APPLICATION PROCEDURE

In order to be considered for this position, candidates need to create an account by registering via the GSA e-recruitment tool.

Only applications submitted via the e-recruitment tool will be accepted. Applications sent via email or post will not be taken into consideration.

Multiple applications received for the same position via different accounts will lead to the exclusion of the applicant from the selection procedure.

Important: the information provided by candidates in their online application constitutes the solely basis for the assessment of the eligibility and selection criteria. Therefore, they are invited to carefully read the requirements and to provide the relevant information in such detail that would allow this assessment. Particular attention should be paid to information on the education and professional experience, in particular exact dates, description of responsibilities and duties carried out.

All sections of the application should be completed in English in order to facilitate the selection procedure.

In order to be considered, applications must be received by the closing date indicated in the vacancy notice.

Candidates are advised to submit the application well ahead of the deadline in order to avoid potential problems during the final days before the closing date of applications’ submissions. The Agency cannot be held responsible for any last-minute malfunctioning of the e-recruitment tool due to heavy traffic on the website.

Please consult the e-recruitment guideline for instructions on completing the application.

7. APPEAL PROCEDURE

If a candidate considers that he/she has been adversely affected by a particular decision, he/she can:

  • Lodge a complaint under Article 90(2) of the Staff Regulations of Officials of the European Union and Conditions of employment of other servants of the European Union, at the following address:

    European GNSS Agency (GSA)
    Human Resources Department
    Janovského 438/2
    170 00 Prague 7
    Czech Republic

    The complaint must be lodged within 3 months. The time limit for initiating this type of procedure starts to run from the time the candidate is notified of the action adversely affecting him/her.
     
  • Submit a judicial appeal under Article 270 of the Treaty on the Functioning of the EU (ex Art. 236 of the EC Treaty) and Article 91 of the Staff Regulations of Officials of the European Union to the:

    European Union Civil Service Tribunal
    Boulevard Konrad Adenauer
    Luxembourg 2925
    LUXEMBOURG

    For details on how to submit an appeal, please consult the website of the European Union Civil Service Tribunal: http://curia.europa.eu/jcms/jcms/Jo1_6308/. The time limits for initiating this type of procedure (see Staff Regulations as amended by Council Regulation (EC) No 723/2004 of 22 March 2004, published in Official Journal of the European Union L 124 of 27 April 2004 - http://eur-lex.europa.eu start to run from the time you become aware of the act allegedly prejudicing your interests.
     
  • Make a complaint to the European Ombudsman:

    European Ombudsman
    1 avenue du Président Robert Schuman
    CS 30403
    67001 Strasbourg Cedex
    FRANCE
    http://www.ombudsman.europa.eu

    Please note that complaints made to the Ombudsman have no suspensive effect on the period laid down in Articles 90(2) and 91 of the Staff Regulations for lodging complaints or for submitting appeals to the Civil Service Tribunal under Article 270 of the Treaty on the Functioning of the EU (ex Art. 236 TEC). Please note also that, under Article 2(4) of the general conditions governing the performance of the Ombudsman's duties, any complaint lodged with the Ombudsman must be preceded by the appropriate administrative approaches to the institutions and bodies concerned.

8. SUMMARY OF CONDITIONS OF EMPLOYMENT

FINANCIAL ENTITLEMENTS

The remuneration consists of a basic salary[10] and, where applicable, additional allowances[11], paid on a monthly basis and reimbursements[12], paid upon their evidenced occurrence.

The sum of the basic salary and the applicable additional allowances is weighted by the correction coefficient applicable for the location of the post[13]. The sum of usual social deductions from salary at source is subtracted from the weighted amount[14]. The full pay is exempted from the national income tax, but is subject to the internal income tax and the solidarity levy[15].

Examples of net monthly salaries (as currently applicable in Prague) are presented below:

AD 7 - Step 1 (less than 9 years of work experience)16
a) Minimum final net salary (without any allowances) b) Final net salary with expatriation allowance c) Final net salary with expatriation, household and 1 dependent child allowance
3,910.56 EUR 4,724.43 EUR 5,549.22 EUR

 

AD 7 - Step 2 (more than 9 years of work experience)16
a) Minimum final net salary (without any allowances) b) Final net salary with expatriation allowance c) Final net salary with expatriation, household and 1 dependent child allowance
4,051.15 EUR 4,899.22 EUR 5,737.24 EUR

 

LEAVE ENTITLEMENTS

Staff is entitled to annual leave of two working days per each complete calendar month of service plus additional days for the grade, age, home leaves for expatriates and an average of 16 GSA public holidays per year.

Special leave is granted for certain circumstances such as marriage, moving, elections, birth or adoption of a child, serious sickness of spouse, etc.

SOCIAL SECURITY

The pension scheme provides a very competitive pension after a minimum of 10 years of service and reaching the pensionable age. Pension rights acquired in one or more national schemes before starting to work at GSA may be transferred into the EU pension system.

GSA’s benefits include an attractive Health insurance: staff is covered 24/7 and worldwide by the Joint Sickness Insurance Scheme (JSIS). Staff is insured against sickness, accident and occupational disease, and could be entitled to unemployment and to invalidity allowances.

PROFESSIONAL DEVELOPMENT AND BENEFITS CONTRIBUTING TO WORK-LIFE BALANCE

GSA aims at creating and maintaining a supportive and healthy work environment that enables staff members to have balance between work and personal responsibilities, for example through flexible working time arrangements. 

GSA also offers a wide range of training courses to develop staff members’ personal skills and keep in touch with the latest developments in their field. The training and professional development opportunities are attuned to the career plan and requirements of the departments.


[10] As per Articles 92 and 93 CEOS.
[11] Household allowance (e.g. if you have a dependent child or you are married and your spouse's income is below a defined threshold); Dependent child allowance (e.g. if you have a child under the age of 18 or between 18 and 26, if in specified training programme); Education allowances (in very specific cases) or Payment of the education fees applicable to the educational institutions GSA has an agreement with (currently more than 17 international schools in the Czech Republic, France and Spain); Expatriation allowance (16% of the sum of basic salary and other applicable allowances).
[12] If staff member is requested to change the residence in order to take up duties, s/he will be entitled to: reimbursement of the travel costs; temporary daily subsistence allowance (e.g. EUR 43.11 for up to 10 months or EUR 34.76 for 120 days, if no dependents); installation allowance (depending on personal situation, 1 or 2 months of the basic salary – paid upon successful completion of the nine-month probationary period).
[13] Currently correction coefficients for the GSA duty locations are: 83% for CZ, 116.7% for FR, 109.9% for NL, 91.7% ES. The coefficient is updated every year, with retroactive effect from 1 July.
[14] Pension (10%); health insurance (1.70%); accident cover (0.10%); unemployment insurance (0.81%).
[15] Currently: income tax: tax levied progressively at a rate of between 8% and 45% of the taxable portion of the salary; solidarity levy: 6%.
[16] Kindly note that the numbers in examples b) and c) are indicative and net monthly remuneration varies depending on the personal, life and social situation of the incumbent. The various components of the remuneration are updated every year, with retroactive effect from 1 July.

9. COMMITMENT

Declaration of commitment to serve the public interest independently:

The jobholder will be required to make a declaration of commitment to act independently in the public interest and to make a declaration in relation to any interest that might be considered prejudicial to his/her independence.

The jobholder will be required to carry out his/her duties and conduct him/herself solely with the interests of the European Union in mind; he/she shall neither seek nor take instruction from any government, authority, organisation or person outside his/her institution. He/she shall carry out the duties assigned with objectivity, impartiality and loyalty to the European Union.

Commitment to promote equal opportunities:

The Agency is an equal opportunities employer and strongly encourages applications from all candidates who fulfil the eligibility and selection criteria without any distinction whatsoever on grounds of nationality, age, race, political, philosophical or religious conviction, gender or sexual orientation and regardless of disabilities, marital status or other family situation.

10. DATA PROTECTION

The personal information GSA requests from candidates will be processed in line with Regulation (EU) N° 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, officers and agencies and on the free movement of such data (repealing Regulation (EC) N° 45/2001 and Decision N° 1247/2002/EC).

https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32018R1725&from=EN

The purpose of processing personal data which candidates submit is to manage applications in view of possible pre-selection and recruitment at GSA. All personal data collected will only be used for this purpose and will in no case be transmitted to any third party. Any data provided will be treated in the strictest confidence and with high standards of security.

Applicants’ documents will only be kept for as long as it is mandatory to fulfil the requirements of existing auditing/control procedures applicable to GSA.

Applicants have a right to access their data. They have a right to update or correct at any time their identification data. On the other hand, data demonstrating compliance with the eligibility and selection criteria may not be updated or corrected after the closing date for the respective selection procedure.

Applicants are entitled to have recourse at any time to the European Data Protection Supervisor (http://www.edps.europa.eu; EDPS@edps.europa.eu) if they consider that their rights under Regulation (EC) N° 2018/1725 have been infringed as a result of the processing of their personal data by the GSA.

https://www.gsa.europa.eu/privacy-policy